Introduction


Scott Frost, CISSP, CISM, CISA

• Director of Cybersecurity and Incident Management for Time Warner Cable
• 18+ years of Information Assurance experience
• Education
  • MS in Network Security
  • PhD Candidate in Information Assurance


Michael Berryhill acvme, mcse, ucts 


• Senior Security Engineer for Time Warner Cable
• 18 years of IT experience, 8 in Information Assurance
• Education
  • MS in Computer Science


Our Goals 


Get the right vulnerability intelligence to the right people at the right time


How did we accomplish this? 


Business Intelligence




• Qualys API
• XML and XSLT

• RSA professional services helped us with this integration


Qualys + Archer = Attribution 


Attribution 


• The Right People


[Chart: Vulnerabilities By Executive Owner. Categories: Mr. McGoo (VP), Tommy Boy (VP), Jason Bourne (VP). Visible data label: 335]


Qualys + Archer = Attribution 


[Pie chart: Vulnerabilities By Remediation Owner for Jason Bourne. Legend: Bugs Bunny, Daffy Duck, Clark Superman, Peter Spiderman. Visible data label: 10%]


Qualys + Archer = Attribution 
Attribution 

• The Right People
Metrics

• Driving Understanding and Remediation


Qualys + Archer = Attribution 


[Chart: All Vulnerabilities by Location and Source. Series: Vulnerability Scans, Penetration Tests. Locations: Carolinas, New York, Georgia, Corporate]


Qualys + Archer = Attribution 
Attribution 

• The Right People
Metrics

• Driving Remediation
Access Control

• Controlled Access


Qualys + Archer + Business Intelligence = Focused 


Inspiration 


• Catchup

Qualys + Archer + Business Intelligence = Focused


Actionable Intelligence 


• Where would a specific IP be if it had been scanned?

int-AG-IT-CA-Sacramento   Sacramento   INT   169.254.1.0-169.254.1.255   169.254.1.0/24


Actionable Intelligence 


• What vulnerabilities should we focus on for remediation efforts?

[Chart legend:]
  • Windows Remote Desktop Vulnerability (MS12-020)
  • SSL Certificate - Self Signed Certificate
  • Adobe ColdFusion Vulnerability (12-15)

Actionable Intelligence


• What geographical area can we focus remediation efforts on to get the biggest bang for our buck?

[Chart legend:]
  • Los Angeles
  • New York City
  • Tucson
  • Sochi

Qualys + Archer + Business Intelligence = Focused


Actionable Intelligence 


• It’s not just remediation that can benefit from this data.

• Our Penetration Testers want to know what is the external attack surface available for PCI assets.

              IANA Ports and Services   Description
10.10.1.2     80 www                    World Wide Web HTTP
              443 https                 http protocol over TLS/SSL
10.10.27.126  25 smtp                   Simple Mail Transfer
              53 domain                 Domain Name Server
              80 www                    World Wide Web HTTP
              443 https                 http protocol over TLS/SSL

What’s Next


Longitudinal Data 


• History, Trending, Analytics
• Predictions


Integration with Other Systems


• AD, Network Infrastructure
• Risk Framework


• Costs Associated with Vulnerabilities


Thank You! 


